Custom Rules are not working

  • versions used (SonarQube 7.6)
  • Description: I have deployed one custom rule in Sonar and I have activated the same by creating one profile. I have imported one external issue and tried to analyze with one source code using scanner v3.3.0.1492. When I check the project issues in the dashboard, external issues are working but the custom rule which I have deployed is not working.

May I know the reason why the custom rule is not working along with external issues?

Hi,

We’re going to need detail on your rule before we can help you.

 
Ann

Hi,

  • versions used (SonarQube 7.7)

My Custom Rule:- If the code consists of any “Http Session”, it will raise an issue with the error message.

The same rule is activated against a profile and when I run mvn sonar:sonar it is throwing the issue.

But when I run the sonar-scanner, the custom rule which I have deployed into the server is not working.

Hi,

Again, a lot more detail is needed. For instance, are we talking about running these two different analysis commands against the same project or different projects?

 
Ann

Same project.

Whatever I am going to mention below is for the same project.

When I run the sonar-scanner, it should raise the issue for the custom rule which I have developed for Http Session and activated against one profile. But it doesn’t.

I am using the below sonar-properties file:

sonar.host.url=http://localhost:9000
sonar.projectKey=abc123321
sonar.projectName=SpringSonarTest
sonar.projectVersion=1.0
sonar.sources=.
sonar.language=java
sonar.java.binaries=.
#sonar.inclusions=pom.xml,src/main/**
sonar.externalIssuesReportPaths=./report.json
sonar.issuesReport.json.enable=true
#sonar.showProfiling=true

When I run sonar-scanner, it should raise all issues (custom rules + external issues).

But the external issues which I have mentioned in the report.json file are working, while the custom rule which is already deployed and activated with one profile is not working.

Finally, when I analyse the project using sonar-scanner, I am getting only external issues in the dashboard.

What I need is to get both external issues as well as custom rules deployed into sonar server when I run the sonar-scanner.

Hi,

Okay, first, you should verify that the same profile is used in both analyses. sonar.profile is dropped in 7.7, but you’re on 7.6 and it’s possible your pom sets a profile property. If you’ve got two different profiles in play, one with and one without your rule then the problem is obvious.

But let’s assume you’ve crossed that off the list, the next question is your parameters. When you run a Maven analysis, your source and binary properties are going to be set precisely, not to just “.”. I don’t see why that would make a difference, but try setting them precisely.

Also, sonar.language has been deprecated for literally years (and finally removed in 7.7). It’s really not gaining you anything here, so I’d eliminate that just to reduce confusion. Along those lines, I don’t recognize sonar.issuesReport.json.enable. Where do you see it documented? And also, since we’re debugging a custom Java rule, it’s not likely to be doing you any good. I’d drop it for at least this test.

And if stepping through all those things still doesn’t get you the desired result, then you’re going to need to share some source code from your rule because diagnosing why a rule doesn’t work without the source is a bit like gazing into a crystal ball. :slight_smile:

 
Ann

Hi,

Thanks for the response.

I have changed my SonarQube version to 7.7. Below is my src file for the custom rule.

Rule Class:-

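import java.util.List;

import org.sonar.check.Priority;
import org.sonar.check.Rule;
import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
import org.sonar.plugins.java.api.tree.Tree;
import org.sonar.plugins.java.api.tree.Tree.Kind;
import org.sonar.plugins.java.api.tree.VariableTree;

import com.google.common.collect.ImmutableList;

@Rule(key = "*******", name = "Avoid Session Usage in the code", description = "**********", priority = Priority.MAJOR, tags = {
		"bug" })
public class AvoidHttpSessionRule extends IssuableSubscriptionVisitor {

	// Visit every variable declaration (fields, locals, parameters).
	@Override
	public List<Kind> nodesToVisit() {
		return ImmutableList.of(Tree.Kind.VARIABLE);
	}

	@Override
	public void visitNode(Tree tree) {
		VariableTree variableTree = (VariableTree) tree;

		// Compares the name of the variable's resolved (semantic) type.
		if (variableTree.symbol().type().toString().equalsIgnoreCase("HttpSession")) {
			reportIssue(tree, "Avoid Using HttpSession");
		}
	}

}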

I have activated the same rule by creating one profile named custom for the language Java and made it the default profile.

I have placed the sonar-properties file in the project directory. I have some external issues mentioned in the sonar.properties file with key and value as sonar.externalIssuesReportPaths=*/report.json .

After running the sonar-scanner in the project location, I can see my project was registered with the Sonar server. When I open the issues tab I can see only external issues displaying in the dashboard. I am not able to see the custom rule issue in the dashboard.

Hello @AnuragSanagapalli,

Can you share the sample of code where you expect to see the issue? Do you have the unit tests for your rule implementation as described in the tutorial https://docs.sonarqube.org/display/PLUG/Writing+Custom+Java+Rules+101 ?

Thanks @saberduck

Issue solved.

You are welcome. Maybe you can consider sharing what the issue was and how you managed to solve it, so others from the community can benefit from it.

Hi @saberduck

In My Custom Rule I am doing one validation using variableTree mentioned below,

  1. variableTree.symbol().type().toString().equalsIgnoreCase("HttpSession") .

When I run the sonar-scanner I am not able to see any issues reported in the dashboard. But when I run the mvn sonar:sonar I am able to observe the issues in the dashboard.

  2. When I use variableTree.type().toString().equalsIgnoreCase("HttpSession") I am able to see the issues for sonar-scanner itself.

Both Validations are correct and populating the same output.

I don’t know what was the difference between those two validations. It will be helpful if I get any explanation regarding this.

I believe that the underlying reason for the difference would be the fact that using maven scanner will automatically configure sonar.java.libraries property with the classpath of the project.
sonar-scanner doesn’t do this automatically, you would need to configure it manually.
For java projects it is preferable to use scanner for maven.
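
Added example, not part of the thread: a sonar-project.properties for sonar-scanner that sets the source, binary and library paths explicitly, as the replies above suggest. The directory paths assume a standard Maven layout with dependency jars copied to target/dependency, and are not taken from the posts.

```properties
# sonar-project.properties for sonar-scanner (added example).
# Paths below are assumptions for a standard Maven layout.
sonar.host.url=http://localhost:9000
sonar.projectKey=abc123321
sonar.projectName=SpringSonarTest
sonar.projectVersion=1.0

# Before: sonar.sources=. and sonar.java.binaries=. with no sonar.java.libraries,
# so the Java analyzer had no project classpath to resolve types against.
sonar.sources=src/main/java
sonar.java.binaries=target/classes

# Third-party jars of the project (comma-separated paths, wildcards allowed).
# Assumes they were copied first with: mvn compile dependency:copy-dependencies
sonar.java.libraries=target/dependency/*.jar

# sonar.language is left out: deprecated and removed in 7.7.
# sonar.issuesReport.json.enable is left out for this test.
sonar.externalIssuesReportPaths=./report.json
```

With the classpath supplied, a rule that relies on variableTree.symbol().type() has the same inputs under sonar-scanner as it gets from the Maven scanner.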